Media‎ > ‎Press coverage‎ > ‎Press Cuttings‎ > ‎

DrPete Technology Experts Tips after Talk Talk Cyber Breach : Management Today

posted 2 Nov 2015, 01:35 by Peter Chadha   [ updated 4 Mar 2016, 06:12 by Stephen Hind ]

7 Tips on how to avoid falling victim to a cyber attack

You don't have to be a big company like TalkTalk to be targeted by hackers.

Many mid-sized organisations do not feel they will be  attacked by cyber criminals but we absolutely disagree. This is because the scale automation that can be applied to cyber crimes is not available to almost any other kind of crime and therefore the likelihood of falling victim is high. In fact, and amazingly some 625,000 cyber crimes were committed in each months of 2015 according to the ONS (Office of national statistics UK).
We have been asked to advise on several occasions in such scenarios - and recently the BBC reported that even a hairdresser has fallen victim to a cyber attacker

7 tips to reduce your risk are:
  1. Be aware - raise awareness in the business  to the possibility of cyber attack is key because of human error - to avoid  people to giving  away passwords inadvertently (so called social engineering).
  2. Have the right policies and procedures with complex passwords and incident management (contained in a unacceptable use policy) - staff should also be made aware to not use 'leaky' third-party services like Dropbox without a proper corporate implementation. 
  3. Stay up-to-date - make sure all the machines are" patched" (having the latest software update applied to ensure security)
  4. Make sure systems are backed up properly and test the backups. In the event that you are hacked - you can restore systems and then upgrade them to ensure you can continue business.
  5. Used two factor authentication especially when using cloud based systems. (for example you can get a text message on your phone  with a secret code when logging in to ensure that is you)
  6. Be data aware - if you hold sensitive data especially of individuals for example Bank account or credit card numbers in sure this is properly encrypted.
  7. External Check - a regular penetration test done by a IT security company along with a management review by an independent third party is always recommended - because a fresh pair of eyes examining and testing your systems is bound to identify vulnerabilities.